1. Field of the Invention
The invention relates generally to computer security and image processing systems and more particularly to increasing the resistance of visual authentication systems to replay attacks and spoofing.
2. Background
Computer systems and computer networks have been playing an ever increasing role in modern life. Computer systems and networks contain or provide access to large amounts of secure information and restricted-access resources. In order to safeguard information and resources, computer security techniques such as password protection have been widely adopted. Unfortunately, as the value of computer information and resources has increased, computer security techniques have come under attack.
In addition to password protection, a way to prevent unauthorized users from gaining access to a computer system, or a secure resource within or under control of the computer system, is to sense the physical appearance of a user (i.e., to image the user's physical appearance) and compare the image data with a set of image data corresponding to the various authorized users of the computer system. If there is a match, then the user is granted access, otherwise access to the computer system, or the secure resource, is denied.
There have been several authentication techniques proposed for the personal computer (PC) that make use of the video system of a PC. These techniques use the video camera of a PC to provide input to, for example, face or iris recognition processes. These systems have an inherent weakness that is derived from the open access to the camera, connection cables, and video capture input terminal(s). It is relatively easy for an adversary to unplug the camera and plug a video player into the video capture input terminal(s) of a PC. This allows the adversary to replay an authenticated image to the image recognition algorithm.
What is needed is a method and apparatus for making visual authentication less susceptible to replay attacks and spoofing.